Danor Cohen, a Security researcher who recently discovered the 'WinRAR file spoofing vulnerability', has discovered one more zero day vulnerability. This time it is Buffer Overflow vulnerability in one of the popular web application vulnerability scanner 'Acunetix'.

There is a feature in Acunetix that allows to scan the additional domains or subdomains detected during the scan.

"It learns about the external related domains from the external sources that appear at the scanned website, for example: "<a href=http://externalSource.com/ ></a>"

Danor found that if the 'external' source url's length is larger than 268Bytes, the Acunetix vulnerability scanner will get crashed.

For Ex:

<A href= “http://AAAAAAAAAAAAAAAAAAAAAAAAAA...........AAAAA”>

Researcher managed to exploit this vulnerability and successfully launched an executable file(calc.exe). By modifiying the code, one can infect the computers of newbies with a malware who attempt to scan their websites.

*Update*:Acunetix says this vulnerability affects only the illegitimate(cracked) copies of Acunetix WVS.

"The blogger seems to have managed to pull his exploit by using a cracked version of v8. The cracked version, probably required the replacement of the official executable with a vulnerable one." Acunetix says.

"Once again we want to re-assure all users of legitimate installations of Acunetix WVS that they are in no danger, and are not affected by this at all"

Security Researcher Ucha Gobejishvili (longrifle0x),Vulnerability Lab, discovered Buffer overflow vulnerability in the GOM Media player application. Version 2.1.37 found to be vulnerable to this attack.

Buffer overflow:
An app is said to be vulnerable to when it allows attackers to store the the data in a buffer beyond the size allocated for it. By successfully exploiting the vulnerability, an attacker can run an arbitrary code.

Researcher claimed the vulnerability can exploited by local and remote attackers. Researcher estimated this vulnerability risk as high.

POC:
1) Download & open the software client
2) Click open ==> Url..
3) Put vulnerability code
4) now you will see result

This Metasploit module exploits a vulnerability found in Excel of Microsoft Office 2007. By supplying a malformed .xlb file, an attacker can control the content (source) of a memcpy routine, and the number of bytes to copy, therefore causing a stack-based buffer overflow. This results in arbitrary code execution under the context of the user.